new beginning

nixos/laptop/configuration.nix

@@ -0,0 +1,211 @@
+{
+  config,
+  lib,
+  pkgs,
+  mypkgs,
+  inputs,
+  ...
+}: {
+  imports = [./hardware-configuration.nix];
+
+  boot.loader.systemd-boot.enable = true;
+  boot.loader.efi.canTouchEfiVariables = true;
+  boot.initrd.luks.devices = {
+    cryptlvm = {
+      device = "/dev/disk/by-uuid/1b3b8818-6085-4dd3-ab5e-c97cc49d2773";
+      allowDiscards = true;
+      preLVM = true;
+    };
+  };
+  boot.kernelPackages = pkgs.linuxPackages_6_8;
+
+  i18n.defaultLocale = "en_US.UTF-8";
+  time.timeZone = "Europe/Berlin";
+
+  hardware = {
+    bluetooth.enable = true;
+    graphics.enable = true;
+
+    printers = {
+      ensureDefaultPrinter = "Kyocera_FS-1370DN";
+
+      ensurePrinters = [
+        {
+          name = "Kyocera_FS-1370DN";
+          location = "HWLAB_DC3";
+          deviceUri = "socket://10.3.32.10";
+          model = "Kyocera/Kyocera_FS-1370DN.ppd";
+        }
+      ];
+    };
+  };
+
+  networking = {
+    useDHCP = false;
+    networkmanager = {
+      enable = true;
+      plugins = with pkgs; [
+        networkmanager-openvpn
+      ];
+    };
+  };
+
+  environment.systemPackages = with pkgs; [
+    vim
+    wget
+  ];
+
+  networking.firewall.enable = false;
+
+  services = {
+    blueman.enable = true;
+    fprintd.enable = true;
+    illum.enable = true;
+    tlp.enable = true;
+    libinput.enable = true;
+
+    udev.extraRules = ''
+      KERNEL=="hidraw*", ATTRS{idVendor}=="3297", MODE="0664", GROUP="plugdev"
+      # Keymapp Flashing rules for the ZSA Voyager
+      SUBSYSTEMS=="usb", ATTRS{idVendor}=="3297", MODE:="0666", SYMLINK+="ignition_dfu"
+    '';
+
+    printing = {
+      enable = true;
+      drivers = [
+        mypkgs.cups-kyocera-fs1370dn
+      ];
+    };
+
+    openssh = {
+      enable = true;
+      ports = [222];
+      openFirewall = true;
+      settings = {
+        PasswordAuthentication = false;
+        PermitRootLogin = "prohibit-password";
+        KbdInteractiveAuthentication = false;
+      };
+      hostKeys = [
+        {
+          path = "/etc/ssh/ssh_host_ed25519_key";
+          type = "ed25519";
+        }
+      ];
+    };
+
+    logind = {
+      lidSwitch = "suspend";
+      lidSwitchDocked = "ignore";
+      lidSwitchExternalPower = "ignore";
+      extraConfig = ''
+        HoldoffTimeoutSec=300s
+      '';
+    };
+
+    pipewire = {
+      enable = true;
+      alsa.enable = true;
+      alsa.support32Bit = true;
+      pulse.enable = true;
+    };
+
+    xserver = {
+      enable = true;
+
+      # windowManager.awesome = {
+      #   enable = true;
+      #   package = pkgs.callPackage ../../overrides/awesome.nix {};
+      # };
+
+      displayManager = {
+        # sddm.enable = true;
+        # defaultSession = "none+awesome";
+        gdm = {
+          enable = true;
+          wayland = true;
+        };
+      };
+    };
+
+    clamav = {
+      daemon.enable = true;
+      updater.enable = true;
+    };
+  };
+
+  # services.jupyter = {
+  #   enable = true;
+  #   package = pkgs.jupyter-all;
+  #   command = "jupyter-lab";
+  #   group = "users";
+  #   password = "'$argon2i$v=19$m=4096,t=3,p=1$a2pzamhrdjgzaGtzZGZoZGY4NzcydWhkZnM$fuPanvCWOsPNpBjyLaBz3YRRzmSSdpp8kaYJAyEPtWA'";
+  #   kernels = let
+  #     juliaEnv = pkgs.julia_19-bin.withPackages ["IJulia" "Plots"];
+  #     ijulia = builtins.readFile (
+  #       pkgs.runCommand "${juliaEnv.name}-ijulia-pkgdir"
+  #       {
+  #         buildInputs = [juliaEnv];
+  #       } ''
+  #         ${juliaEnv}/bin/julia -e 'using IJulia; print(pkgdir(IJulia))' >$out
+  #       ''
+  #     );
+  #   in {
+  #     ijulia = {
+  #       displayName = "Julia ${juliaEnv.julia.version}";
+  #       argv = [
+  #         "${juliaEnv}/bin/julia"
+  #         "-i"
+  #         "--color=yes"
+  #         "${ijulia}/src/kernel.jl"
+  #         "{connection_file}"
+  #       ];
+  #       language = "julia";
+  #       interruptMode = "signal";
+  #       logo32 = "${ijulia}/deps/logo-32x32.png";
+  #       logo64 = "${ijulia}/deps/logo-64x64.png";
+  #     };
+  #   };
+  # };
+
+  # # systemd.services.jupyter.environment.JUPYTER_DATA_DIR = builtins.toString (pkgs.jupyter-kernel.create {
+  # #   definitions = config.services.jupyter.kernels;
+  # # });
+  # systemd.services.jupyter.environment.JUPYTER_DATA_DIR = ".jupyter/data";
+  # systemd.services.jupyter.environment.JUPYTER_RUNTIME_DIR = "/var/lib/jupyter/.local/share/jupyter/runtime";
+
+  security.sudo.configFile = ''
+    Defaults lecture=always
+    Defaults lecture_file=${../../misc/sudo_lecture}
+  '';
+  security.pam.services.swaylock = {};
+
+  fonts.packages = with pkgs; [
+    font-awesome
+    (nerdfonts.override {fonts = ["FiraMono"];})
+    mypkgs.comic-mono
+  ];
+
+  programs.fish.enable = true;
+  programs.hyprland.enable = true;
+
+  users.groups.plugdev = {};
+  users.users.patrick = {
+    isNormalUser = true;
+    extraGroups = ["networkmanager" "wheel" "plugdev" "jupyter"];
+    shell = pkgs.bashInteractive;
+    openssh.authorizedKeys.keys = [
+      "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIP8zNAXScQ4FoWNxF4+ALJXMSi3EbpqZP5pO9kfg9t8o patrick"
+    ];
+  };
+
+  virtualisation.podman.enable = true;
+
+  # This value determines the NixOS release from which the default
+  # settings for stateful data, like file locations and database versions
+  # on your system were taken. It‘s perfectly fine and recommended to leave
+  # this value at the release version of the first install of this system.
+  # Before changing this value read the documentation for this option
+  # (e.g. man configuration.nix or on https://nixos.org/nixos/options.html).
+  system.stateVersion = "22.11"; # Did you read the comment?
+}